8.5 Configuring External Password Management

Use the Forgot Password Link configuration parameter to specify the location of a WAR containing Forgot Password functionality. You can specify a WAR that is external or internal to the User Application.

8.5.1 Specifying an External Password Management WAR

  1. Use either the install procedure or the configupdate utility.

  2. In the User Application configuration parameters, select the Use External Password WAR configuration parameter check box.

  3. For the Forgot Password Link configuration parameter, specify the location for the external password WAR.

    Include the host and port, for example http://localhost:8080/ExternalPwd/jsps/pwdmgt/ForgotPassword.jsf. An external password WAR can be outside the firewall protecting the User Application.

  4. For the Forgot Password Return Link, supply the path that the external Password Management WAR uses to call back the User Application through Web Services, for example https://idmhost:sslport/idm.

    The return link must use SSL to ensure secure Web Service communication to the User Application. See also Section 8.5.4, Configuring SSL Communication between JBoss Servers.

  5. Do one of the following:

    • If you are using the installer, read the information in this step and proceed to Step 6.

    • If you are using the configupdate utility to update the external password WAR in the installation root directory, read this step and manually rename the WAR to the name of the first directory you specified in Forgot Password Link. Then, proceed to Step 6.

    Before the installation ends, the installer renames IDMPwdMgt.war (bundled with the installer) to the name of the first directory that you specify. The renamed IDMPwdMgt.war becomes your external password WAR. For example, if you specify http://www.idmpwdmgthost.com/ExternalPwd/jsps/pwdmgt/ForgotPassword.jsf, the installer renames IDMPwdMgt.war to ExternalPwd.war. The installer moves the renamed WAR into the installation root directory.

  6. Manually copy ExternalPwd.war to the remote JBoss server deploy directory that runs the external password WAR functionality.
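
The following pre-deployment check is an added example, not part of the product or its installer. It derives the WAR file name that Step 5 expects from the Forgot Password Link and verifies that the Forgot Password Return Link meets the SSL requirement in Step 4. The function names and the idmhost.example.com host are assumptions made for illustration.

```python
from urllib.parse import urlsplit

BUNDLED_WAR = "IDMPwdMgt.war"  # WAR name bundled with the installer (from the page)


def external_war_name(forgot_password_link):
    """Return the WAR file name implied by the first directory of the link."""
    parts = urlsplit(forgot_password_link)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("Forgot Password Link must include a scheme and host")
    segments = [s for s in parts.path.split("/") if s]
    if len(segments) < 2:
        raise ValueError("link needs a first directory followed by the page path")
    return segments[0] + ".war"


def check_return_link(return_link):
    """Return a list of problems found in the Forgot Password Return Link."""
    problems = []
    parts = urlsplit(return_link)
    if parts.scheme != "https":
        problems.append("return link must use SSL (https)")
    if not parts.hostname:
        problems.append("return link has no host")
    try:
        parts.port  # raises ValueError for a placeholder such as "sslport"
    except ValueError:
        problems.append("return link port is not numeric")
    return problems


if __name__ == "__main__":
    # Forgot Password Link taken from the page; return link is a constructed sample.
    link = "http://www.idmpwdmgthost.com/ExternalPwd/jsps/pwdmgt/ForgotPassword.jsf"
    ret = "https://idmhost.example.com:8443/idm"
    print("rename", BUNDLED_WAR, "to", external_war_name(link))
    for problem in check_return_link(ret) or ["return link OK"]:
        print(problem)
```
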

8.5.2 Specifying an Internal Password WAR

  1. In the User Application configuration parameters, do not select Use External Password WAR.

  2. Accept the default location for the Forgot Password Link, or supply a URL for another password WAR.

  3. Accept the default value for Forgot Password Return Link.

8.5.3 Testing the External Password WAR Configuration

If you have an external password WAR, you can test the Forgot Password functionality by accessing it in either of the following locations:

  • Directly, in a browser. Go to the Forgot Password page in the external password WAR, for example http://localhost:8080/ExternalPwd/jsps/pwdmgt/ForgotPassword.jsf.

  • At the User Application login page, click the Forgot Password link.

8.5.4 Configuring SSL Communication between JBoss Servers

If you select Use External Password WAR in the User Application configuration file during installation, you must configure SSL communication between the JBoss servers on which you are deploying the User Application WAR and the IDMPwdMgt.war file. Refer to your JBoss documentation for directions.